Method of performing device to device communication between user equipments

ABSTRACT

The present disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates Beyond 4th-Generation (4G) communication system such as Long Term Evolution (LTE). In accordance with an aspect of the present disclosure, a method of transmitting data in a device to device communication system is provided. The method includes determining whether a security feature is applied to one or more packet data convergence protocol (PDCP) data units, configuring the one or more PDCP data units based on the determined result, and transmitting the one or more PDCP data units to one or more receiving user equipments (UEs).

CROSS-REFERENCE TO RELATED APPLICATION(S)

This application is a continuation application of prior application Ser.No. 14/928,184, filed on Oct. 30, 2015, and claimed the benefit under 35U.S.C. § 119(a) of an Indian provisional patent application filed onOct. 30, 2014 in the Indian Patent Office and assigned Serial number5430/CHE/2014, and of an Indian complete patent application filed onOct. 7, 2015 in the Indian Patent Office and assigned Serial number5430/CHE/2014, the entire disclosure of each of which is herebyincorporated by reference.

TECHNICAL FIELD

The present disclosure relates to pro-se communication in 3^(rd)generation partnership project (3GPP). More particularly, the presentdisclosure relates to generating a packet data convergence protocol(PDCP) protocol data unit (PDU) depending on whether or not security isapplied during transmission.

BACKGROUND

To meet the demand for wireless data traffic having increased sincedeployment of 4G (4^(th)-Generation) communication systems, efforts havebeen made to develop an improved 5G (5^(th)-Generation) or pre-5Gcommunication system. Therefore, the 5G or pre-5G communication systemis also called a ‘Beyond 4G Network’ or a ‘Post LTE System’.

The 5G communication system is considered to be implemented in higherfrequency (mmWave) bands, e.g., 60 GHz bands, so as to accomplish higherdata rates. To decrease propagation loss of the radio waves and increasethe transmission distance, the beamforming, massive multiple-inputmultiple-output (MIMO), Full Dimensional MIMO (FD-MIMO), array antenna,an analog beam forming, large scale antenna techniques are discussed in5G communication systems.

In addition, in 5G communication systems, development for system networkimprovement is under way based on advanced small cells, cloud RadioAccess Networks (RANs), ultra-dense networks, device-to-device (D2D)communication, wireless backhaul, moving network, cooperativecommunication, Coordinated Multi-Points (CoMP), reception-endinterference cancellation and the like.

In the 5G system, Hybrid FSK and QAM Modulation (FQAM) and slidingwindow superposition coding (SWSC) as an advanced coding modulation(ACM), and filter bank multi carrier (FBMC), non-orthogonal multipleaccess (NOMA), and sparse code multiple access (SCMA) as an advancedaccess technology have been developed.

Device to device (D2D) communication is being studied in communicationstandard groups to enable data communication services between userequipments (UEs). During the D2D communication, a transmitting D2D UEcan transmit data packets to a group of D2D UEs, broadcast data packetsto all the D2D UEs, or send unicast data packets to a specific D2D UE.D2D communication between the transmitter and receiver(s) isconnectionless in nature, i.e., there is no connection setup (e.g., nocontrol messages are exchanged) between the transmitter and receiverbefore the transmitter starts transmitting the data packets. During thetransmission, the transmitter includes a source identification (ID) anddestination ID in the data packets. The source ID is set to the UE ID ofthe transmitter. The destination ID is the intended recipient of thetransmitted packet. The destination ID indicates whether the packet is abroadcast packet or a unicast packet or a packet intended for a group.

FIG. 1 is a schematic diagram illustrating a protocol stack for D2Dcommunication according to the related art.

Referring to FIG. 1, the packet data convergence protocol (PDCP) layerin the transmitter receives the data packets, i.e., Internet protocol(IP) packets or address resolution protocol (ARP) packets (PDCP servicedata units (SDUs)) from an upper layer. It secures the packet and alsocompresses the IP headers of IP packets. The processed packet PDCPprotocol data unit (PDU) is sent to radio link control (RLC) layer. TheRLC layer receives the PDCP PDUs (RLC SDUs) from the PDCP layer. Itfragments the PDCP PDUs if needed and sends the RLC PDUs to a mediaaccess control (MAC) layer. The MAC layer multiplexes the RLC PDUs (orMAC SDUs) and sends the MAC PDU to a physical (PHY) layer fortransmission on a PC5 interface (e.g., a wireless channel).

FIG. 2 is a schematic diagram illustrating a PDCP PDU for D2Dcommunication according to the related art.

Referring to FIG. 2, the PDCP layer adds a PDCP header to each PDCP SDU.The PDCP header comprises of PDU type, pro-se group key (PGK) ID, pro-setraffic key (PTK) ID and PDCP sequence number (SN). The PDU typeindicates whether the data in PDCP PDU is an ARP packet or an IP packet.In order to support the security a PGK is defined. PGK is specific to agroup of D2D UEs. Multiple PGKs per group can be pre-provisioned in aUE. Each of these PGKs for the same group is identified using an 8 bitPGK ID. If a UE wants to send data packets to a group, then it derives aPTK from the PGK corresponding to that group. The PTK is identifiedusing PTK ID. PTK is a group member specific key generated from the PGK.Each PTK is also associated with a 16 bit counter (or PDCP SN). Thecounter (or PDCP SN) is updated for every packet transmitted.

The transmitter always adds the PDCP header with the PDU type, PGK ID,PTK ID and PDCP SN in every PDCP PDU. The receiver always parses thesefour fields in every PDCP PDU. The transmitter and receiver alwaysencrypt/decrypt the data in PDCP PDUs respectively.

In some D2D communication systems, whether or not to apply the security(e.g., encryption and/or integrity protection) can be configurable. Inthe case that the transmitter does not apply security, then the relatedart approach does not work as the receiver always assumes that data isencrypted in every PDCP PDU and using the PDCP security information inthe PDCP header, the receiver derives the security keys and decrypts thedata.

In some D2D communication system, a UE can be in coverage of network andanother UE can be in out of network coverage. UE in coverage of networkcan receive the security configuration information from the network,while out of coverage UE must rely on pre-configuration or may not applysecurity in the absence of security configuration information. In thecase that the receiving UE is in coverage and always assumes that datais encrypted in every PDCP PDU then communication will fail as thereceiver attempts to decrypt the PDU which is not encrypted.

Thus, there is a need for a method to generate the PDCP PDU depending onwhether or not the security is applied. Further, it is required toreduce the overhead in the radio interface by avoiding transmittingredundant information, especially when security is not applied, then itis not required to send the security information in the PDCP header.

The above information is presented as background information only toassist with an understanding of the present disclosure. No determinationhas been made, and no assertion is made, as to whether any of the abovemight be applicable as prior art with regard to the present disclosure.

SUMMARY

Aspects of the present disclosure are to address at least theabove-mentioned problems and/or disadvantages and to provide at leastthe advantages described below. Accordingly, an aspect of the presentdisclosure is to provide a method of performing device to devicecommunication between user equipments (UEs).

In accordance with an aspect of the present disclosure, a method oftransmitting data in a device to device communication system isprovided. The method includes determining whether a security feature isapplied to one or more packet data convergence protocol (PDCP) dataunits, and configuring the one or more PDCP data units based on thedetermined result, and transmitting the one or more PDCP data units toone or more receiving user equipments (UEs).

In accordance with an aspect of the present disclosure, a method ofreceiving data in a device to device communication system is provided.The method includes receiving one or more packet data convergenceprotocol (PDCP) data units, and processing the one or more PDCP dataunits configured based on whether a security feature is applied to oneor more packet data convergence protocol (PDCP) data units.

In accordance with an aspect of the present disclosure, an apparatus oftransmitting data in a device to device communication system isprovided. The apparatus includes a controller for determining whether asecurity feature is applied to one or more packet data convergenceprotocol (PDCP) data units and configuring the one or more PDCP dataunits based on the determined result, and a transmitter for transmittingthe one or more PDCP data units to one or more receiving user equipments(UEs).

In accordance with an aspect of the present disclosure, an apparatus oftransmitting data in a device to device communication system isprovided. The apparatus includes a receiver for receiving one or morepacket data convergence protocol (PDCP) data units, and a controller forprocessing the one or more PDCP data units configured based on whether asecurity feature is applied to one or more packet data convergenceprotocol (PDCP) data units.

Other aspects, advantages, and salient features of the disclosure willbecome apparent to those skilled in the art from the following detaileddescription, which, taken in conjunction with the annexed drawings,discloses various embodiments of the present disclosure.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other aspects, features, and advantages of certainembodiments of the present disclosure will be more apparent from thefollowing description taken in conjunction with the accompanyingdrawings, in which:

FIG. 1 is a schematic diagram illustrating a protocol stack for deviceto device (D2D) communication according to the related art;

FIG. 2 is a schematic diagram illustrating a packet data convergenceprotocol (PDCP) protocol data unit (PDU) for D2D communication accordingto the related art;

FIG. 3 is a flowchart illustrating a PDCP entity operation in thetransmitter for generating the PDCP PDU according to an embodiment ofthe present disclosure;

FIG. 4 is a flowchart illustrating a PDCP entity operation in thereceiver according to an embodiment of the present disclosure;

FIG. 5 is a flowchart illustrating a PDCP entity operation in thereceiver according to an embodiment of the present disclosure;

FIG. 6 is a flowchart illustrating a PDCP entity operation in thetransmitter for generating the PDCP PDU according to an embodiment ofthe present disclosure;

FIG. 7 is a flowchart illustrating a PDCP entity operation in thereceiver according to an embodiment of the present disclosure;

FIG. 8 is a flowchart illustrating a PDCP entity operation in thetransmitter for generating the PDCP PDU according to an embodiment ofthe present disclosure;

FIG. 9 is a flowchart illustrating a PDCP entity operation in thereceiver according to an embodiment of the present disclosure;

FIG. 10 is a flowchart illustrating a PDCP entity operation in thetransmitter for generating the PDCP PDU according to an embodiment ofthe present disclosure; and

FIG. 11 is a flowchart illustrating a PDCP entity operation in thereceiver according to an embodiment of the present disclosure.

Throughout the drawings, like reference numerals will be understood torefer to like parts, components, and structures.

DETAILED DESCRIPTION

The following description with reference to the accompanying drawings isprovided to assist in a comprehensive understanding of variousembodiments of the present disclosure as defined by the claims and theirequivalents. It includes various specific details to assist in thatunderstanding but these are to be regarded as merely exemplary.Accordingly, those or ordinary skill in the art will recognize thatvarious changes and modifications of the various embodiments describedherein can be made without departing from the scope and spirit of thepresent disclosure. In addition, descriptions of well-known functionsand constructions may be omitted for clarity and conciseness.

The terms and words used in the following description and claims are notlimited to the bibliographical meanings, but, are merely used by theinventor to enable a clear and consistent understanding of the presentdisclosure. Accordingly, it should be apparent to those skilled in theart that the following description of various embodiments of the presentdisclosure is provided for illustration purpose only and not for thepurpose of limiting the present disclosure as defined by the appendedclaims and their equivalents.

It is to be understood that the singular forms “a,” “an,” and “the”include plural referents unless the context clearly dictates otherwise.Thus, for example, reference to “a component surface” includes referenceto one or more of such surfaces.

It will be further understood that the terms “includes”, “comprises”,“including” and/or “comprising” when used in this specification, specifythe presence of stated features, integers, operations, elements and/orcomponents, but do not preclude the presence or addition of one or moreother features integers, operations, elements, components, and/or groupsthereof. As used herein, the term “and/or” includes any and allcombinations and arrangements of one or more of the associated listeditems.

Unless otherwise defined, all terms (including technical and scientificterms) used herein have the same meaning as commonly understood by oneof ordinary skill in the art to which this disclosure pertains. It willbe further understood that terms, such as those defined in commonly useddictionaries, should be interpreted as having a meaning that isconsistent with their meaning in the context of the relevant art andwill not be interpreted in an idealized or overly formal sense unlessexpressly so defined herein. Any name or term (which is registeredtrademark/copyright) used in the specification is only for the purposeof explaining the present disclosure and not for any commercial gain.

The present disclosure describes a method to generate the packet dataconvergence protocol (PDCP) protocol data unit (PDU) depending onwhether or not a security feature is applied during pro-se communicationin 3rd generation partnership project (3GPP).

Embodiment 1

FIG. 3 is a flowchart illustrating a PDCP entity operation in thetransmitter for generating the PDCP PDU according to an embodiment ofthe present disclosure.

Referring to FIG. 3, in this method of the present disclosure, thetransmitter adds the same PDCP header irrespective of whether or not asecurity feature (e.g., ciphering) is applied on the data (i.e., PDCPservice data unit (SDU)) by a PDCP entity. In an embodiment of thepresent disclosure, the pro-se configuration information provided by thenetwork (which is stored in the secure element (e.g., a universalintegrated circuit card (UICC)) of the device) indicates to PDCP whetheror not security feature (e.g. ciphering) should be applied to PDCP SDUsfor a particular destination identification (ID), for all destinationIDs, or for a particular PDU SDU type (e.g., a relay SDU, signaling SDU,address resolution protocol (ARP) SDU, etc.). In an embodiment of thepresent disclosure, whether or not to apply a security feature (e.g.,ciphering) is configured by the pro-se key management function or pro-sefunction in the network. In an embodiment of the present disclosure, theupper layer indicates to PDCP whether or not a security feature (e.g.,ciphering) should be applied to PDCP SDUs by the PDCP entity. Whether ornot a security feature (e.g., ciphering) should be applied to PDCP SDUscan be indicated for a particular destination ID, for all destinationIDs, or for a particular PDU SDU type (e.g., a relay SDU, signaling SDU,ARP SDU, etc.). Upper layer may indicate not to apply a security featurein PDCP if the security is already applied to the PDCP SDU at the upperlayer. If the security feature is applied, then PDCP generates the PDCPPDU by adding the PDCP header and including the PDU type, pro-se groupkey (PGK) ID and pro-se traffic key (PTK) ID and PDCP sequence number(SN) values associated with the PDCP SDU in the PDCP PDU. If thesecurity feature is not applied, then PDCP generates the PDCP PDU byadding the PDCP header and setting the PDU type associated with the PDCPSDU in the PDCP PDU. The PGK ID and PTK ID are set to predefined values.In one embodiment of the present disclosure, they can be set to zeroes.In another embodiment of the present disclosure, they can be set toones. The pre-defined values of PGK ID and/or PTK ID indicated in thePDCP header when the security feature is not applied are used toidentify (i.e., should be excluded from values used to identify PGK andPTK when the security is applied) PGK and PTK when the security featureis applied. In an embodiment of the present disclosure, the PDCP SDUsare not numbered if the security is not applied, and the PDCP SN in thePDCP header is set to a pre-defined value. The pre-defined value can bezero.

In an embodiment of the present disclosure, the transmitter determinesif a security feature is to be applied on a PDCP SDU or not, atoperation 301. At operation 302, the security feature is either appliedor not based on the information received from the operation 301. If thesecurity feature is applied, at operation 303, PDCP entity encrypts thePDCP SDU. PDU Type and PDCP SN are set to the corresponding valuesassociated with PDCP SDU. At operation 304, PGK ID is set in the PDCPheader to the PGK ID of the PGK or some least significant bits (LSBs) ofthe PGK ID of the PGK which was used to generate PTK used for securingthis PDCP SDU. At operation 305, the PTK ID is set to the PTK ID of thePTK which was used to generate a pro-se encryption key (PEK) used forsecuring this PDCP SDU. The encrypted PDCP SDU is transmitted togetherwith PDCP header to a receiver.

If a security feature is not to be applied, PDCP entity does not encryptthe PDCP SDU. PDU type is set to the corresponding value associated withPDCP SDU at operation 306. At operation 307, the PGK ID is set in thePDCP header to predefined values (e.g., zeros or ones). At operation308, the PTK ID is set in the PDCP header to predefined values (e.g.,zeros or ones). At operation 309, PDCP SDUs are not numbered and thePDCP SN in the PDCP header is set to a pre-defined value (e.g., zeros orones). The unencrypted PDCP SDU is transmitted together with PDCP headerto the receiver.

FIG. 4 is a flowchart illustrating a PDCP entity operation in thereceiver according to an embodiment of the present disclosure.

Referring to FIG. 4, in an embodiment of the present disclosure, thereceiver knows whether or not the security feature is applied to thePDCP SDU based on configuration information received from a network(which is stored in the secure element (UICC) of the device). In anembodiment of the present disclosure, whether or not the securityfeature (e.g., ciphering) is applied is configured by the pro-se keymanagement function or pro-se function in the network. In an embodimentof the present disclosure, the upper layer indicates to PDCP whether ornot the security feature is applied to PDCP SDUs. If the securityfeature is applied, the PDCP entity parses the PDCP header anddetermines the PGK and PTK used for securing the PDCP SDU based on thePTK ID and PGK ID in the PDCP header. The PDCP entity also parses thePDCP header and determines the PDCP SN. If the security feature is notapplied, then the PDCP entity ignores the PTK ID and PGK ID fields inthe PDCP header. In an alternate embodiment of the present disclosure,wherein PDCP SDUs are not numbered if the security feature is notapplied, then the PDCP entity ignores the PDCP SN, PTK ID, and PGK IDfields in the PDCP header.

In an embodiment of the present disclosure, the receiver process thedata received from the transmitter to determine if security feature isapplied on the PDCP SDU or not based on configuration information from apro-se function or pro-se key management function, at operation 401. Atoperation 402, a check is performed of whether or not the securityfeature is applied based on the information received from the operation401. At operation 403, the PDCP entity parses the PDCP header anddetermines the PDCP SN, PGK, and PTK used for securing the PDCP SDUbased on the PTK ID and PGK ID in the PDCP header when the securityfeature is applied. At operation 404, the received PDCP SDU is decryptedand sent to upper layer. In an embodiment of the present disclosure, theupper layer includes, but is not limited to, non-access stratum (NAS)protocol, pro-se protocol, application, internet protocol (IP), ARPprotocol, and signaling protocol.

At operation 405, the PDCP SDUs are not numbered if the security featureis not applied, and the PDCP entity ignores the PDCP SN, PTK ID, and PGKID fields in the PDCP header. In an alternate embodiment of the presentdisclosure at operation 405, the PDCP entity ignores the PTK ID and PGKID fields in the PDCP header when the security feature is not applied.At operation 406, the PDCP entity sends the received PDCP SDU to upperlayer without decryption. In an embodiment of the present disclosure,the upper layer includes, but is not limited to, NAS protocol, pro-seprotocol, application, IP protocol, ARP protocol, and signalingprotocol.

FIG. 5 is a flowchart illustrating a PDCP entity operation in thereceiver according to an embodiment of the present disclosure.

Referring to FIG. 5, in this embodiment of the present disclosure, thereceiver determines whether or not the security feature is applied tothe PDCP SDU based on the PGK ID and/or PTK ID field values in the PDCPheader. If the PGK ID and/or PTK ID are set to predefined values, thenthe PDCP entity interprets that the security feature is not applied tothe PDCP SDU; otherwise, it interprets that the security feature isapplied to the PDCP SDU. In an alternate embodiment of the presentdisclosure, the receiver determines whether or not the security featureis applied to the PDCP SDU based on the PDCP SN and/or PGK ID and/or PTKID field values in the PDCP header. If the PDCP SN and/or PGK ID and/orPTK ID are set to the predefined values, then the PDCP entity interpretsthat the security feature is not applied to the PDCP SDU; otherwise, itinterprets that the security feature is applied to the PDCP SDU.

At operation 501, the receiver reads the PGK ID and/or PTK IDinformation in the received PDCP header. At operation 502, a check isperformed of whether the PGK ID and/or PTK ID is set to the pre-definedvalues. At operation 503, the receiver observes that the securityfeature is applied to PDCP SDU when the PGK ID and/or PTK ID is not setto the pre-defined values. In an alternate embodiment of the presentdisclosure, at operation 501, the receiver reads the PDCP SN and/or PGKID and/or PTK ID information in the received PDCP header. At operation502, a check is performed of whether the PDCP SN and/or PGK ID and/orPTK ID is set to the pre-defined values. At operation 503, the receiverobserves that the security feature is applied to the PDCP SDU when thePDCP SN and/or PGK ID and/or PTK ID is not set to the pre-definedvalues. The PGK and PTK used for securing the PDCP SDU are determinedbased on the PTK ID and PGK ID in the PDCP header. At operation 504, thereceived PDCP SDU is decrypted and sent to the upper layer. In anembodiment of the present disclosure, the upper layer includes, but isnot limited to, NAS protocol, pro-se protocol, application, IP protocol,ARP protocol, and signaling protocol.

At operation 505, the receiver observes that the security feature is notapplied to the PDCP SDU when the PGK ID and/or PTK ID is set to thepre-defined values. Alternately, at operation 505, the receiver observesthat the security feature is not applied to the PDCP SDU when the PDCPSN and/or PGK ID and/or PTK ID is set to the pre-defined values. Thereceived PDCP SDU is sent to upper layer without decryption. In anembodiment of the present disclosure, the upper layer includes, but isnot limited to, NAS protocol, pro-se protocol, application, IP protocol,ARP protocol, and signaling protocol.

Embodiment 2

FIG. 6 is a flowchart illustrating a PDCP entity operation in thetransmitter for generating the PDCP PDU according to an embodiment ofthe present disclosure.

Referring to FIG. 6, in this embodiment of the present disclosure, thetransmitter adds a different type of PDCP header depending on whether ornot the security feature (e.g., ciphering) is applied on the data (i.e.,a PDCP SDU). In an embodiment of the present disclosure, the pro-seconfiguration information provided by the network (which is stored inthe secure element (UICC) of the device) indicates to PDCP whether ornot the security feature (e.g., ciphering) should be applied to PDCPSDUs by the PDCP entity for a particular destination ID, all destinationIDs, or a particular PDU SDU type (e.g., a relay SDU, signaling SDU, ARPSDU, etc.). In an embodiment of the present disclosure, whether or notto apply the security feature (e.g., ciphering) is configured by thepro-se key management function or pro-se function in the network. In anembodiment of the present disclosure, the upper layer indicates to PDCPwhether or not the security feature should be applied to PDCP SDUs.Whether or not the security feature (e.g., ciphering) should be appliedto PDCP SDUs, can be indicated for a particular destination ID, for alldestination IDs, or for a particular PDU SDU type (e.g., a relay SDU,signaling SDU, ARP SDU, etc.). Upper layer may indicate not to apply thesecurity feature in PDCP if the security is already applied to the PDCPSDU at the upper layer. If the security feature is applied, then PDCPgenerates the PDCP PDU by adding the PDCP header and setting the PDUtype, PGK ID, PTK ID, and PDCP SN associated with the PDCP SDU in thePDCP PDU. If the security feature is not applied, then PDCP generatesthe PDCP PDU by adding the PDCP header wherein the PDCP header comprisesof PDU type and PDCP SN fields only. These fields are set to the PDUtype and PDCP SN associated with the PDCP SDU in the PDCP PDU. The PGKID and PTK ID are not included in the PDCP header.

In an embodiment of the present disclosure, an indicator is provided inthe PDCP header which indicates whether or not the PGK ID and PTK ID areincluded in the PDCP header.

At operation 601, the transmitter determines if the security feature isto be applied on the PDCP SDU or not. At operation 602, the securityfeature is either applied or not, based on information received from theoperation 601. At operation 603, the PDCP entity encrypts the PDCP SDUand the PDCP header is added to data, i.e., a PDCP SDU, which comprisesof only PDU type, PGK ID, PTK ID, and PDCP SN when the security featureis applied. At operation 604, the PDU type and the PDCP SN are set tothe corresponding values associated with the PDCP SDU. At operation 605,the PGK ID in the PDCP header is set to the PGK ID of the PGK which wasused to generate the PTK used for securing this PDCP SDU. At operation606, the PTK ID is set to the PTK ID of the PTK which was used togenerate the PEK used for securing this PDCP SDU. The encrypted PDCP SDUis transmitted together with the PDCP header to the receiver.

At operation 607, the PDCP entity does not encrypt the PDCP SDU. ThePDCP header is added to the data, which comprises of only the PDU typeand PDCP SN, when the security feature is not applied. At operation 608,the PDU type and the PDCP SN are set to the corresponding valuesassociated with the PDCP SDU. The unencrypted PDCP SDU is transmittedtogether with PDCP header to the receiver.

FIG. 7 is a flowchart illustrating a PDCP entity operation in thereceiver according to an embodiment of the present disclosure.

Referring to FIG. 7, in this embodiment of the present disclosure, thereceiver already knows whether or not the security feature is applied tothe PDCP SDU based on configuration information received from a network(which is stored in the secure element (UICC) of the device). In anembodiment of the present disclosure, whether or not the securityfeature (e.g., ciphering) is applied is configured by the pro-se keymanagement function or pro-se function in the network. In an embodimentof the present disclosure, the upper layer indicates to PDCP whether ornot the security feature is applied to PDCP SDUs. If the securityfeature is applied, the PDCP entity parses the PDCP header comprising ofthe PDU type, PGK ID, PTK ID, and PDCP SN. The PDCP entity thendetermines the PGK and PTK used for securing the PDCP SDU based on thePTK ID and PGK ID in the PDCP header. If the security feature is notapplied, then the PDCP entity parses the PDCP header comprising of thePDU type and PDCP SN (as the receiver knows that the PGK ID and PTK IDare not included in the PDCP header).

At operation 701, the receiver determines if the security feature is tobe applied on PDCP SDU or not based on configuration information frompro-se function. At operation 702, the security feature is eitherapplied or not based on information received from the operation 701. Atoperation 703, the PDCP entity parses the PDU type, PGK ID, and PDCP SNfrom the beginning of the PDCP PDU, and determines the PGK and PTK usedfor securing the PDCP SDU based on the PTK ID and PGK ID in the PDCPheader. At operation 704, the received PDCP SDU is decrypted and sent toupper layer. In an embodiment of the present disclosure, the upper layerincludes, but is not limited to, NAS protocol, pro-se protocol,application, IP protocol, ARP protocol, and signaling protocol.

At operation 705, the PDCP entity parses the PDU type and PDCP SN fromthe beginning of the PDCP PDU. Alternately, at operation 705, the PDCPentity parses the PDU type from the beginning of the PDCP PDU. Atoperation 706, the received PDCP SDU is sent to upper layer. In anembodiment of the present disclosure, the upper layer includes, but isnot limited to, NAS protocol, pro-se protocol, application, IP protocol,ARP protocol, and signaling protocol.

Embodiment 3

FIG. 8 is a flowchart illustrating a PDCP entity operation in thetransmitter for generating the PDCP PDU according to an embodiment ofthe present disclosure.

Referring to FIG. 8, in this embodiment of the present disclosure, thetransmitter adds a different type of PDCP header depending on whether ornot the security feature is applied on the data (i.e., a PDCP SDU). Inan embodiment of the present disclosure, the pro-se configurationinformation provided by the network (which is stored in the secureelement (UICC) of the device) indicates to PDCP whether or not thesecurity feature should be applied to PDCP SDUs by the PDCP entity for aparticular destination ID, all destination IDs, or a particular PDU SDUtype (e.g., a relay SDU, signaling SDU, ARP SDU, etc.). In an embodimentof the present disclosure, whether or not the security feature (e.g.,ciphering) is applied is configured by the pro-se key managementfunction or pro-se function in the network. In an embodiment of thepresent disclosure, the upper layer indicates to PDCP whether or not thesecurity feature should be applied to PDCP SDUs. Whether or not thesecurity feature (e.g., ciphering) should be applied to PDCP SDUs, canbe indicated for a particular destination ID, for all destination IDs,or for a particular PDU SDU type (e.g., a relay SDU, signaling SDU, ARPSDU, etc.). Upper layer may indicate not to apply the security featurein PDCP if the security is already applied to the PDCP SDU at the upperlayer. If the security feature is applied, then PDCP generates the PDCPPDU by adding the PDCP header and setting the PDU type, PGK ID, PTK ID,and PDCP SN associated with the PDCP SDU in the PDCP PDU. If thesecurity feature is not applied, then PDCP generates the PDCP PDU byadding the PDCP header, wherein the PDCP header comprises of the PDUtype only. The field PDU type is set to the PDU type associated with thePDCP SDU in the PDCP PDU. The PGK ID, PTK ID, and PDCP SN fields are notincluded in the PDCP header. The PDCP SN is not maintained since thesecurity feature is not applied.

In an embodiment of the present disclosure, an indicator is provided inthe PDCP header which indicates whether or not the PGK ID, PTK ID, andPDCP SN are included in the PDCP header.

At operation 801, the transmitter determines if the security feature isto be applied on PDCP SDU or not. At operation 802, the security featureis either applied or not based on information received from theoperation 801. At operation 803, the PDCP entity encrypts the PDCP SDU,and the PDCP header is added which comprises of only the PDU Type, PGKID, PTK ID, and PDCP SN when the security feature is applied. Atoperation 804, the PDU Type and PDCP SN are set to the correspondingvalues associated with the PDCP SDU. At operation 805, the PGK ID in thePDCP header is set to the PGK ID of the PDG which was used to generatethe PTK used for securing this PDCP SDU. At operation 806, the PTK ID isset to the PTK ID of the PTK which was used to generate the PEK used forsecuring this PDCP SDU. The encrypted PDCP SDU is transmitted togetherwith the PDCP header to the receiver.

At operation 807, PDCP entity does not encrypt the PDCP SDU and the PDCPheader is added which comprises of only the PDU type, when the securityfeature is not applied. At operation 808, the PDU type is set to thecorresponding value associated with the PDCP SDU. The unencrypted PDCPSDU is transmitted together with the PDCP header to the receiver.

FIG. 9 is a flowchart illustrating a PDCP entity operation in thereceiver according to an embodiment of the present disclosure.

Referring to FIG. 9, in this embodiment of the present disclosure, thereceiver already knows whether or not the security feature is applied tothe PDCP SDU based on configuration information received from network(which is stored in the secure element (UICC) of the device). In anembodiment of the present disclosure, the upper layer indicates to PDCPwhether or not the security feature is applied to PDCP SDUs. If thesecurity feature is applied, the PDCP entity parses the PDCP headercomprising of the PDU type, PGK ID, PTK ID, and PDCP SN. The PDCP entitythen determines the PGK and PTK used for securing the PDCP SDU based onthe PTK ID and PGK ID in the PDCP header. If the security feature is notapplied, then the PDCP entity parses the PDCP header comprising of thePDU type only (as the receiver knows that the PGK ID and PTK ID are notincluded in the PDCP header).

At operation 901, the receiver determines if the security feature is tobe applied on PDCP SDU or not based on configuration information frompro-se function. At operation 902, the security feature is eitherapplied or not based on information received from the operation 901. Atoperation 903, the PDCP entity parses the PDU type, PGK ID, PTK ID, andPDCP SN from the beginning of the PDCP PDU, and determines the PGK andPTK used for securing the PDCP SDU based on the PTK ID and PGK ID in thePDCP header, when the security feature is applied. At operation 904, thereceived PDCP SDU is decrypted and sent to upper layer.

At operation 905, the PDCP entity parses the PDU type from the beginningof the PDCP PDU. At operation 906, the received PDCP SDU is sent toupper layer.

Embodiment 4

FIG. 10 is a flowchart illustrating a PDCP entity operation in thetransmitter for generating the PDCP PDU according to an embodiment ofthe present disclosure.

Referring to FIG. 10, in this embodiment of the present disclosure, thetransmitter adds a different type of PDCP header depending on whether ornot the security feature is applied on the data (i.e., a PDCP SDU). Inan embodiment of the present disclosure, the pro-se configurationinformation provided by the network (which is stored in the secureelement (UICC) of the device) indicates to PDCP whether or not thesecurity feature should be applied to PDCP SDUs for a particulardestination ID (which can be a group ID), all destination IDs, or aparticular PDU SDU type (e.g., a relay SDU, signaling SDU, ARP SDU,etc.). In an embodiment of the present disclosure, whether or not thesecurity feature (e.g., ciphering) is applied is configured by thepro-se key management function or pro-se function in the network. In anembodiment of the present disclosure, the upper layer indicates to PDCPwhether or not the security feature should be applied to PDCP SDUs.Whether or not the security feature (e.g., ciphering) should be appliedto PDCP SDUs, can be indicated for a particular destination ID, for alldestination IDs, or for a particular PDU SDU type (e.g., a relay SDU,signaling SDU, ARP SDU, etc.). Upper layer may indicate not to apply thesecurity feature in PDCP if the security is already applied to the PDCPSDU at the upper layer. If the security feature is applied, then PDCPgenerates the PDCP PDU by adding the PDCP header and setting the PDUtype as secured (for example, if the PDU type indicates ARP and IPpackets, then two additional types indicating unsecured ARP andunsecured IP are defined) and further adds the PGK ID, PTK ID, and PDCPSN associated with the PDCP SDU in the PDCP PDU. If the security featureis not applied, then PDCP generates the PDCP PDU by adding the PDCPheader, wherein the PDCP header comprises of the PDU type only. Thefield PDU type is set to the PDU type associated with the PDCP SDU inthe PDCP PDU as unsecured (i.e., the security feature is not applied).The PGK ID, PTK ID, and PDCP SN fields are not included in the PDCPheader. The PDCP SN is not maintained since the security feature is notapplied.

In an alternate embodiment of the present disclosure, an indicator canbe in the PDCP header which indicates whether or not the PGK ID, PTK ID,and PDCP SN are included in the PDCP header.

At operation 1001, the transmitter determines if the security feature isto be applied on PDCP SDU or not. At operation 1002, the securityfeature is either applied or not based on information received from theoperation 1001. At operation 1003, the PDCP header is added, whichcomprises of the PDU type, PGK ID, PTK ID, and PDCP SN when the securityfeature is applied. At operation 1004, the PDU type and PDCP SN are setto the corresponding values associated with the PDCP SDU.

At operation 1005, the PGK ID in the PDCP header is set to the PGK ID ofthe PGK which was used to generate the PTK used for securing this PDCPSDU. At operation 1006, the PTK ID is set to the PTK ID of the PTK whichwas used to generate the PEK used for securing this PDCP SDU.

At operation 1007, the PDCP header is added to data, which comprises ofonly the PDU type, when the security feature is not applied. Atoperation 1008, the PDU type is set to the corresponding valueassociated with the PDCP SDU.

FIG. 11 is a flowchart illustrating a PDCP entity operation in thereceiver according to an embodiment of the present disclosure.

Referring to FIG. 11, in this embodiment of the present disclosure, thePDCP entity parses the PDCP header comprising of the PDU type, and basedon the received PDU type knows whether or not the security feature isapplied. If the PDU type indicates that the security feature is applied,then the PDCP entity further parses the PDCP header comprising of thePGK ID, PTK ID, and PDCP SN. The PDCP entity then determines the PGK andPTK used for securing the PDCP SDU based on the PTK ID and PGK ID in thePDCP header. If the security feature is not applied (based on the PDUtype), then the PDCP entity further process the data packet withoutdecrypting the packet (or verifying the message authentication code(MAC-I)).

At operation 1101, the receiver processes the data received fromtransmitter to determine if the security feature is applied on PDCP SDUor not based on the PDU type in the received PDCP header. At operation1102, a check is performed of whether or not the security feature isapplied based on information received from the operation 1101. Atoperation 1103, the PDCP entity parses the PGK ID, PTK ID, and PDCP SNfrom the beginning of the PDCP PDU, and determines the PGK and PTK usedfor securing the PDCP SDU based on the PTK ID and PGK ID in the PDCPheader, when the security feature is applied. At operation 1104, thereceived PDCP SDU is decrypted and sent to upper layer.

At operation 1105, the received PDCP SDU is sent to upper layer withoutdecryption, when the security feature is not applied. In an embodimentof the present disclosure, the upper layer includes, but is not limitedto, NAS protocol, pro-se protocol, application, IP protocol, ARPprotocol, and signaling protocol.

Embodiment 5

In an embodiment of the transmitter operation of the present disclosure,the transmitter adds a different type of PDCP header (as explained insolutions 1 to 4) depending on whether or not the security feature isapplied on the data (i.e., a PDCP SDU). In an embodiment of the presentdisclosure, the pro-se configuration information provided by the network(which is stored in the secure element (UICC) of the device) indicatesto the PDCP entity whether or not the security feature should be appliedto the PDCP SDUs for a particular destination ID (which can be a groupID).

In an embodiment of the receiver operation of the present disclosure,the receiver knows whether or not the security feature is applied to thePDCP SDU based on configuration information received from pro-sefunction during the service authorization. Further the configurationinformation indicates, whether or not a particular device within a groupwill apply the security feature. For example, there are four devices(D1, D2, D3, D4) within a group performing D2D communication, where D1,D2, and D3 are subscribed for transmission and D4 is subscribed for onlyreception. In D4, the network configuration information indicates that,D1 and D3 will apply security feature and D2 will not apply securityfeature. In this case, when D4 receives data packets from D1 and D3, itknows the security feature will be applied and when D4 receives datapackets from D2 it knows the security feature is not applied. Thenetwork decides the configuration information based on the devicecapability, subscription (i.e., a low priority device), and like so.

Embodiment 6

In an embodiment of the present disclosure during the transmitteroperation, the transmitter adds a different type of PDCP header (asdescribed in embodiments 1 to 4) depending on whether or not thesecurity feature is applied on the data (i.e., a PDCP SDU). In anembodiment of the present disclosure, the transmitting device decideswhether or not the security feature should be applied to the PDCP SDUsbased on an application (for example, whether or not the applicationapplies the security feature, applications sensitivity), an upper layerprotocol (for example, if the upper layer protocol(s) is real-timetransport protocol (RTP) and/or user datagram protocol (UDP) and/orhypertext transfer protocol over secure socket layer (HTTPS), nosecurity feature will be applied), its security capability, and like so.

In an embodiment of the present disclosure, during the receiveroperation, the receiver already knows whether or not the securityfeature is applied to the PDCP SDU based on configuration informationreceived from pro-se function during the service authorization. Further,the configuration information may indicate whether or not a particulardevice within a group will apply the security feature. In an embodimentof the present disclosure, based on the indication/information receivedin the data packets, the receiver knows whether or not the securityfeature is applied (for example, using pre-defined values in thesecurity information fields, based on the PDU type value in the PDCPheader).

While the present disclosure has been shown and described with referenceto various embodiments thereof, it will be understood by those skilledin the art that various changes in form and details may be made thereinwithout departing from the spirit and scope of the present disclosure asdefined by the appended claims and their equivalents.

What is claimed is:
 1. A method of transmitting data in a device todevice communication system, the method comprising: determining whethera security feature is applied to a packet data convergence protocol(PDCP) service data unit (SDU); configuring a PDCP protocol data unit(PDU) based on the determined result; and transmitting the PDCP PDU to areceiving user equipment (UE), wherein a PDCP header of the PDCP PDUincludes an SDU type, a PDCP sequence number (SN), least significantbits of a pro-se group key (PGK) identification (ID) and a pro-setraffic key (PTK) ID, and wherein the SDU type is set to a valueindicating a protocol type of the PDCP SDU.
 2. The method of claim 1,wherein, if the security feature is not applied to the PDCP SDU, thePDCP SN, the least significant bits of the PGK ID and the PTK ID are setto a zero value in the PDCP header.
 3. The method of claim 1, whereinthe determining of whether the security feature is applied to the PDCPSDU is based on a pro-se function in a network.
 4. The method of claim1, wherein the configuring the PDCP PDU based on the determined resultis based on a pro-se key management function in a network.
 5. The methodof claim 1, wherein the configuring of the PDCP PDU if the securityfeature is applied to the PDCP SDU comprises: including the SDU type andthe PDCP SN in the PDCP header of the PDCP PDU, wherein the PDCP SN isset to one of values associated with the PDCP SDU; including the leastsignificant bits of the PGK ID in the PDCP header of the PDCP PDU,wherein the least significant bits of the PGK ID identifies a PGK usedto generate a PTK for securing the PDCP SDU; and including PTK ID in thePDCP header of the PDCP PDU, wherein the PTK ID identifies the PTK usedto generate a pro-se encryption key (PEK) for securing the PDCP SDU. 6.A method of receiving data in a device to device communication system,the method comprising: receiving a packet data convergence protocol(PDCP) protocol data unit (PDU); and processing the PDCP PDU configuredbased on whether a security feature is applied to a PDCP service dataunit (SDU), wherein a PDCP header of the PDCP PDU includes an SDU type,a PDCP sequence number (SN), least significant bits of a pro-se groupkey (PGK) identification (ID) and a pro-se traffic key (PTK) ID, andwherein the SDU type is set to a value indicating a protocol type of thePDCP SDU.
 7. The method of claim 6, wherein whether the security featureis applied to the PDCP SDU is determined based on a pro-se function in anetwork.
 8. The method of claim 6, wherein the PDCP PDU is configuredbased on a pro-se key management function in a network.
 9. The method ofclaim 6, wherein the processing of the PDCP PDU comprises: determiningthe security feature applied status on the PDCP SDU based onconfiguration information from a pro-se function; determining a PGK anda PTK for securing the PDCP SDU based on the PTK ID and the PGK ID inthe PDCP header by a PDCP entity if the security feature is applied tothe PDCP SDU; decrypting the received PDCP SDU; and sending thedecrypted PDCP SDU to an upper layer.
 10. The method of claim 6, whereinthe processing of the PDCP PDU comprises: determining the securityfeature applied status on the PDCP SDU based on configurationinformation from a pro-se function; and sending the PDCP SDU to an upperlayer without decryption if the security feature is not applied to thePDCP SDU.
 11. The method of claim 6, wherein the processing of the PDCPPDU comprises: determining the security feature applied on the PDCP SDUif the zero value is not assigned to the PDCP SN, the PGK ID, and thePTK ID; determining a PGK and a PTK for securing the PDCP SDU based onat least one of the PDCP SN, the PGK ID, or the PTK ID in the PDCPheader if the security feature is applied to the PDCP SDU; decryptingthe received PDCP SDU; and sending the decrypted PDCP SDU to an upperlayer.
 12. The method of claim 6, wherein the processing of the PDCP PDUcomprises: determining the security feature is not applied on the PDCPSDU if the zero value is assigned to the PDCP SN, the PGK ID, and thePTK ID; and sending the received PDCP SDU to an upper layer withoutdecryption.
 13. An apparatus for transmitting data in a device to devicecommunication system, the apparatus comprising: at least one processorconfigured to: determine whether a security feature is applied to apacket data convergence protocol (PDCP) service data unit (SDU), andconfigure a PDCP protocol data unit (PDU) based on the determinedresult; and a transmitter configured to transmit the PDCP PDU to areceiving user equipment (UE), wherein a PDCP header of the PDCP PDUincludes an SDU type, a PDCP sequence number (SN), least significantbits of a pro-se group key (PGK) identification (ID) and a pro-setraffic key (PTK) ID, and wherein the SDU type is set to a valueindicating a protocol type of the PDCP SDU.
 14. The apparatus of claim13, wherein, if the security feature is not applied to the PDCP SDU, thePDCP SN, the least significant bits of the PGK ID and the PTK ID are setto a zero value in the PDCP header.
 15. The apparatus of claim 13,wherein, if the security feature is applied to the PDCP SDU: the PDCPheader of the PDCP PDU comprises the SDU type and the PDCP SN, whereinthe PDCP SN is set to one of values associated with the PDCP SDU; thePDCP header of the PDCP PDU comprises the least significant bits of thePGK ID, wherein the least significant bits of the PGK ID identify a PGKused to generate a PTK for securing the PDCP SDU; and the PDCP header ofthe PDCP PDU comprises PTK ID, wherein the PTK ID identifies the PTKused to generate a pro-se encryption key (PEK) for securing the PDCPSDU.
 16. An apparatus of receiving data in a device to devicecommunication system, the apparatus comprising: a receiver for receivinga packet data convergence protocol (PDCP) protocol data unit (PDU); andat least one processor configured to process the PDCP PDU configuredbased on whether a security feature is applied to a PDCP service dataunit (SDU), wherein a PDCP header of the PDCP PDU includes an SDU type,a PDCP sequence number (SN), least significant bits of a pro-se groupkey (PGK) identification (ID) and a pro-se traffic key (PTK) ID, andwherein the SDU type is set to a value indicating a protocol type of thePDCP SDU.
 17. The apparatus of claim 16, wherein the at least oneprocessor is further configured to: determine the security featureapplied status on the PDCP SDU based on configuration information from apro-se function; determine a PGK and a PTK for securing the PDCP SDUbased on the PTK ID and the PGK ID in the PDCP header by a PDCP entityif the security feature is applied to the PDCP SDU; decrypt the receivedPDCP SDU; and send the decrypted PDCP SDU to an upper layer.
 18. Theapparatus of claim 16, wherein the at least one processor is furtherconfigured to: determine the security feature applied status on the PDCPSDU based on configuration information from a pro-se function; and sendthe PDCP SDU to an upper layer without decryption if the securityfeature is not applied to the PDCP SDU.
 19. The apparatus of claim 16,wherein the at least one processor is further configured to: determinethe security feature applied on the PDCP SDU if the zero value is notassigned to the PDCP SN, the PGK ID, and the PTK ID; determine a PGK anda PTK for securing the PDCP SDU based on at least one of the PDCP SN,the PGK ID, or the PTK ID in the PDCP header if the security feature isapplied to the PDCP SDU; decrypt the received PDCP SDU; and send thedecrypted PDCP SDU to an upper layer.
 20. The apparatus of claim 16,wherein the at least one processor is further configured to: determinethe security feature is not applied on the PDCP SDU if the zero value isassigned to the PDCP SN, the PGK ID, and the PTK ID; and send thereceived PDCP SDU to an upper layer without decryption.